Get started with
ISMS-P Intelligence
Dashboard on AWS

Automated ISMS-P compliance scanning and visualization for AWS. Deploy a single CloudFormation stack to continuously monitor your security posture across multiple accounts—available directly on AWS Marketplace.

Subscribe on AWS Marketplace → Request private offer

ISMS-P Intelligence Dashboard

A BSG Partners Product for AWS

ISMS-P Intelligence Dashboard automates the technical compliance assessment required for Korea's ISMS-P certification. Built on a K-ISMS compliance framework optimized for AWS, it evaluates hundreds of security controls across your AWS accounts daily and presents actionable compliance insights through an integrated analytics pipeline.

The solution deploys as a single CloudFormation stack with a fully serverless architecture. An EventBridge schedule triggers Step Functions daily, orchestrating parallel scans across all configured target accounts via Lambda Container Images. Results in OCSF format are stored in a centralized S3 Data Lake, transformed to Parquet via Glue ETL, and made queryable through 14 pre-configured Athena views. An optional QuickSight dashboard provides at-a-glance compliance metrics including compliance rate, critical/high severity findings, category breakdowns, and 30-day trend analysis.

Designed for security teams, compliance officers, and IT auditors preparing for or maintaining ISMS-P certification, it eliminates manual evidence collection by providing continuous, automated compliance monitoring with full audit trails.

Challenges in ISMS-P Certification

Organizations preparing for ISMS-P certification face significant operational challenges that increase cost, delay timelines, and create compliance gaps:

Manual Compliance Checks:

Security teams spend weeks manually evaluating hundreds of technical controls across AWS accounts. Spreadsheet-based tracking is error-prone and cannot keep pace with the dynamic nature of cloud infrastructure.
Evidence Collection Burden:

ISMS-P audits require extensive documentation of compliance status. Gathering screenshots, configuration exports, and log files for each control is labor-intensive and often outdated by the time the audit begins.
Multi-Account Visibility Gap:

Most organizations operate multiple AWS accounts. Without a centralized view, security teams lack visibility into cross-account compliance posture, making it difficult to identify systemic issues.
No Continuous Monitoring:

Point-in-time assessments provide only a snapshot. Between audits, configuration drift, new resources, and permission changes can silently introduce compliance violations that go undetected until the next review cycle.

Key Features

Automated ISMS-P Compliance Scanning

Leverages a K-ISMS compliance framework to automatically evaluate 546 security checks mapped to 101 ISMS-P controls covering access control, network security, encryption, logging, asset management, and more. Daily scheduled scans at 02:00 KST ensure continuous compliance monitoring. Multi-account parallel scanning via Step Functions provides enterprise-wide coverage with partial failure tolerance.

Integrated Dashboard & Analytics

All scan results flow into a centralized S3 Data Lake, transformed to Parquet via Glue ETL for efficient querying. 14 pre-built Athena views provide SQL-queryable compliance data. An optional 9-sheet QuickSight dashboard delivers KPI cards, severity distribution charts, category breakdowns, account heatmaps, and 30-day compliance trend analysis—all via Athena Direct Query for real-time data access.

Architecture

Data Collection

EventBridge triggers Step Functions daily, orchestrating three parallel Lambda functions per account: Prowler scans for ISMS-P compliance, Security Hub for threat/vulnerability details (GuardDuty, Inspector), and CloudTrail for security change events.

Data Processing

Raw JSON results are stored in a centralized S3 Data Lake with date-partitioned paths. Glue ETL transforms data to Parquet format and generates daily change comparison tables for tracking compliance drift over time.

Visualization

14 Athena views provide SQL-queryable compliance analytics. An optional QuickSight dashboard with 9 specialized sheets—from Overview to Remediation tracking—delivers executive and operational insights via Direct Query mode.

Dashboard Preview

9-sheet QuickSight dashboard covering compliance overview, access control, network security, encryption, logging, asset management, vulnerabilities, backup/DR, and remediation tracking.

Overview — Compliance rate, severity distribution, control heatmap, and 30-day trend

Vulnerabilities — Resource type treemap, pass/fail ratio, and per-check failure counts

Benefits

Fully Serverless — Zero Management Overhead

No EC2 instances or clusters to manage. Lambda Container Images handle the scanning engine, Step Functions orchestrate workflows, and Glue ETL processes data. Focus on compliance outcomes, not infrastructure operations.

Cost-Efficient at ~$25/month

The entire solution runs for approximately $25/month scanning 6 accounts daily (including QuickSight Author). Pay-per-use Lambda pricing and Parquet-based Athena queries keep costs minimal regardless of data volume.

Multi-Account Cross-Account Support

Scan multiple AWS accounts from a central hub using secure IAM AssumeRole. Each account runs independently with partial failure tolerance—one account's issue does not affect others. Deploy a single IAM role template to member accounts for immediate onboarding.

One-Click CloudFormation Deployment

Deploy the entire solution in ~15 minutes with a single CloudFormation stack. Provide your email, target account IDs, and QuickSight preference—the stack automatically provisions S3, Lambda, Step Functions, Glue, Athena views, and the QuickSight dashboard.

Ready to automate your
ISMS-P compliance?

Deploy a fully automated ISMS-P compliance scanning and visualization pipeline on your AWS account. Available directly on AWS Marketplace.

Subscribe on AWS Marketplace →

Get started withISMS-P IntelligenceDashboard on AWS